2.2.1 Common Syntax for Request Messages

[WSFederation1.2] sections 13.2.1 and 13.2.2 specify the common syntax for requesting security tokens. For processing guidance on handling unsupported parameters, see section 3.1.5.2.

To simplify implementation and improve interoperability by restricting protocol variations, implementations conforming to this protocol SHOULD NOT<8> support the following parameters:

• wres (optional in [WSFederation1.2]): This URL parameter specifies the URL for the resource accessed. Note that this parameter is listed as a legacy parameter in [WSFederation1.2].

• wp (optional in [WSFederation1.2]): This optional parameter is a URL for policy that can be obtained using an HTTP GET.

• wreq (optional in [WSFederation1.2]): This optional parameter specifies a token request using either a wsse:RequestSecurityToken element or a full request message, as specified in [WSTrust].

• wreqptr (optional in [WSFederation1.2]): A URL where the requestor IP/STS can find (using an HTTP GET) the relying party's request.

If an implementation chooses to support these parameters (in addition to supporting the full protocol), it will still be compliant with the Microsoft Web Browser Federated Sign-On Protocol.